-2

My question is about Java sockets. I initialize a new socket and send a DataOutputStream over this socket to a host on the internet. So, is it safe to send this data, so that nobody can read it?

Thanks.

Undex

2 Answers

4

Not if you're using a regular Socket; there's a possibility that a man in the middle will eavesdrop on you. You need to use SSLSocket for encrypted communication.

Kayaman

2

Elaborating on @Kayaman's answer, there are a number of ways that communication over a plain socket could be intercepted.

  • Something could be logging packets in the host or hypervisor operating system
  • Another computer on your local network could be "packet sniffing"; i.e. putting the network interface into "promiscuous" mode to read packets not addressed to it.
  • Any gateway / router / network switch in the route could be logging packets.

Then there are more subtle attacks. For instance, something could have taken over a DNS server and caused the hostname you are trying to talk to to be routed to a fake server running on a different IP address. The fake server could then send the packets on to the real server ... and do the same with packets coming in the reverse direction. (This is known as a "man in the middle" attack.)

If you use an SSLSocket and appropriate trust is in place then:

  • you will be protected against man in the middle attacks,
  • traffic will be encrypted as it goes over the network, and
  • if the OS is secure and properly administered (at both ends) you will have end-to-end security for the data.

(Note that there are some caveats ... in addition to the ones above. But this answer is already long enough.)


Finally, using DataOutputStream (versus a Reader) makes no practical difference to security. Unpicking a binary encoded stream should be no challenge to someone with moderate hacker skills.

Stephen C
  • 698,415
  • 94
  • 811
  • 1,216
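The following is an added example, not code from the question or from either answer: one way to send a DataOutputStream over an SSLSocket so that the "appropriate trust" mentioned above includes a host name check, which a raw SSLSocket does not perform unless it is enabled. The class name, host and port are placeholders, and it assumes Java 11 or later and a server certificate that chains to the JVM's default trust store.

```java
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.DataOutputStream;
import java.io.IOException;

public class TlsSender {
    // Placeholder endpoint (assumption); replace with the real server.
    static final String HOST = "server.example";
    static final int PORT = 8443;

    // Opens a TLS connection and completes the handshake before returning.
    static SSLSocket open(String host, int port) throws IOException {
        // The default factory trusts the CAs in the JVM's default trust store.
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        try {
            SSLParameters params = socket.getSSLParameters();
            // By default SSLSocket validates the certificate chain but does not
            // check that the certificate was issued for `host`. Without this
            // line, any certificate from a trusted CA would be accepted, which
            // leaves the DNS-redirect scenario described above open.
            params.setEndpointIdentificationAlgorithm("HTTPS");
            // Refuse protocol versions older than TLS 1.2.
            params.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
            socket.setSSLParameters(params);
            // Handshake now, so a bad certificate fails here with an
            // SSLHandshakeException instead of on the first write.
            socket.startHandshake();
            return socket;
        } catch (IOException e) {
            socket.close();
            throw e;
        }
    }

    public static void main(String[] args) throws IOException {
        try (SSLSocket socket = open(HOST, PORT);
             DataOutputStream out = new DataOutputStream(socket.getOutputStream())) {
            // Same DataOutputStream calls as over a plain Socket; only the
            // transport underneath is now encrypted and authenticated.
            out.writeUTF("hello");
            out.writeInt(42);
            out.flush();
        }
    }
}
```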